• Known traffic to CnC but Sophos silent

    Danie de Jager
    Danie de Jager
    Hi, I have events triggered to a known CnC server. I see the events triggered on my NIDS from my internal sources (running Endpoint Advanced) and looking at the Sophos Firewall logs I see that swi_fc.exe connected to the IP address of the CnC server…
    • over 8 years ago
    • On-Premise Endpoint
    • Sophos Endpoint Software
  • View related content throughout On-Premise Endpoint
  • More
  • Cancel